U.S. authorities issued a report Tuesday identifying a remote administration trojan (RAT) they say is used by the North Korea-based hackers to attack the aerospace, telecommunications and finance industries. The tool, called FALLCHILL, is used by a group that the Department of Homeland Security refers to as Hidden Cobra. That group is more popularly known as Lazarus Group, North Korea’s most active hacking group. The group has been widely accused of attempting multibillion-dollar bank thefts in 18 countries and aggression against “media, aerospace, financial, and critical infrastructure sectors in the United States and globally.” Hidden Cobra has used FALLCHILL since 2016 “to target the aerospace, telecommunications, and finance industries,” U.S. officials say, citing “trusted third-party reporting.” Lazarus Group is the result of a years-long national effort to develop and deploy hacking capabilities by North Korea. “They have switched across different domains,” Jon R. Lindsay, a professor at the Global Affairs at the University of Toronto, told CyberScoop earlier this year. […]
The post U.S. CERT issues report on remote hacking tool used by North Korea appeared first on Cyberscoop.
Continue reading U.S. CERT issues report on remote hacking tool used by North Korea→